<%@ CodePage = 65001 %>
<!--#include file="wcm_DB.asp" -->

<!--#include file="ewconfig.asp"-->
<!--#include file="db.asp"-->
<!--#include file="WebOperatorinfo.asp"-->
<!--#include file="advsecu.asp"-->
<!--#include file="aspmkrfn.asp"-->

<!-- #include file="Security.asp" -->
<%
Response.expires = 0
Response.expiresabsolute = Now() - 1
Response.addHeader "pragma", "no-cache"
Response.addHeader "cache-control", "private"
Response.addHeader "cache-control", "no-cache"
Response.addHeader "cache-control", "no-store"
Response.CacheControl = "no-cache"
%>
<%
If Request.Form("submit") <> "" Then
	bValidPwd = False
	bPwdUpdated = False

	' Setup variables
	sUsername = CurrentUserName
	sOPwd = Request.Form("opwd")
	sNPwd = Request.Form("npwd")
	sCPwd = Request.Form("cpwd")
	If sNPwd = sCPwd Then
		Set conn = Server.CreateObject("ADODB.Connection")
		conn.open xDb_Conn_Str
		sFilter = "([AccUsr] = '" & AdjustSql(sUsername) & "')"
		sSql = ewBuildSql(ewSqlSelect, ewSqlWhere, ewSqlGroupBy, ewSqlHaving, ewSqlOrderBy, sFilter, "")
		Set rs = Server.CreateObject("ADODB.Recordset")
		rs.Open sSql, conn, 1, 2
		If Not rs.Eof Then
			If sOPwd = rs("AccPwd") Then
				rs("AccPwd") = sNPwd ' Change Password
				sEmail = rs("Email")
				rs.Update
				bValidPwd = True
				bPwdUpdated = True
			End If
		End If
		rs.Close
		Set rs = Nothing
		conn.Close
		Set conn = Nothing
	End If
	If bPwdUpdated Then
		If sEmail <> "" Then

			' Load Email Content
			Call LoadEmail("changepwd.txt")
			sEmailFrom = Replace(sEmailFrom, "<!--$From-->", "webmaster@pepsiworld.com.vn") ' Replace Sender
			sEmailTo = Replace(sEmailTo, "<!--$To-->", sEmail) ' Replace Receiver
			sEmailContent = Replace(sEmailContent, "<!--$Password-->", sNPwd) ' Replace Password

			' Send Email
			Call Send_Email(sEmailFrom, sEmailTo, sEmailCc, sEmailBcc, sEmailSubject, sEmailContent, sEmailFormat)
		End If
		Session(ewSessionMessage) = "Password Changed"
		Response.Redirect "default.asp"
	End If
Else
	bValidPwd = True
End If
%>
<!--#include file="header.asp"-->
<script type="text/javascript" src="ew.js"></script>
<script type="text/javascript">
<!-- start JavaScript
function  EW_checkMyForm(EW_this) {
if  (!EW_hasValue(EW_this.opwd, "TEXT" )) {
            if  (!EW_onError(EW_this, EW_this.opwd, "TEXT", "Please enter password"))
                return false;
        }
if  (!EW_hasValue(EW_this.npwd, "TEXT" )) {
            if  (!EW_onError(EW_this, EW_this.npwd, "TEXT", "Please enter password"))
                return false;
        }
if  (EW_this.npwd.value != EW_this.cpwd.value) {
            if  (!EW_onError(EW_this, EW_this.cpwd, "TEXT", "Mismatch Password"))
                return false;
        }
return true;
}
// end JavaScript -->
</script>
<p><span class="aspmaker">Change Password Page</span></p>
<% If Not bValidPwd Then %>
<p><span class="ewmsg">Invalid Password</span></p>
<% End If %>
<form action="changepwd.asp" method="post" onSubmit="return EW_checkMyForm(this);">
<table border="0" cellspacing="0" cellpadding="4">
	<tr>
		<td><span class="aspmaker">Old Password</span></td>
		<td><span class="aspmaker"><input type="password" name="opwd" size="20"></span></td>
	</tr>
	<tr>
		<td><span class="aspmaker">New Password</span></td>
		<td><span class="aspmaker"><input type="password" name="npwd" size="20"></span></td>
	</tr>
	<tr>
		<td><span class="aspmaker">Confirm Password</span></td>
		<td><span class="aspmaker"><input type="password" name="cpwd" size="20"></span></td>
	</tr>
	<tr>
		<td>&nbsp;</td>
		<td><span class="aspmaker"><input type="submit" name="submit" value="Change Password"></span></td>
	</tr>
</table>
</form>
<br>
<!--#include file="footer.asp"-->
